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Amendments to the Claims 

This listing of claims will replace all prior versions of claims in the application. Claims 
1-33 have been amended herein. 

1 . (Currently amended) A method of controlling at a gateway computing device access of a 
client machine to a desired resource hosted on a destination server, the desired resource being of 
at least one material type selected from the group including audible materials, readable materials, 
and viewable materials, comprising th e st e ps of : 

(a) at the gateway computing device receiving handshaking packets from the client 
machine having as a destination address the destination server; 

(b) redirecting network communications at the gateway computing device, including-the 
st e ps of : 

redirecting the entirety of each of the handshaking packets by rewriting the 
destination address in the handshaking packets' IP headers to route the packets to an 
access controlling web server that is remote from the cUent, the gateway, and the 
destination server; 

receiving a content request packet from the client machine at the gateway destined 
for the destination server intended to retrieve the desired resource from the destination 
server; and 

at the gateway redirecting the content request packet in its entirety by rewriting 
the destination address in the packet IP header to route the packet to the access 
controlling web server; 

(e) receiving a response at the gateway from the access controlling web server; and 
(d) at the gateway, controlling access of the client machine to the desired resource based 
on the response from the access controlling web server, including refusing the client machine 
access to the desired resource if the response from the access controlling web server indicates 
that the client should not have access to the desired resource and granting the cUent machine 
access to the desired resource if the response from the access controlling web server indicates 
that the client should have access to the desired resource. 
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2. (Currently amended) The method according to claim 1, whoroin th e step of controlling 
access to the desired resource based on the response from the access controlling web server 
further comprises the stop of: 

establishing a connection between the client machine and the destination server if the 
response indicates that access to the desired resource is allowable. 

3. (Currently amended) The method according to claim 2, wh e r e in the content request 
packet comprises a GET URL packet. 

4. (Currently amended) The method according to claim 3, wher e in the response indicates 
that access to the desired resource is allowable if the access controlling web server does not 
recognize the URL of the GET URL packet. 

5. (Currently amended) The method according to claim 4, further comprising th e st e p of 
refusing a connection to the destination server[[,]] and establishing instead a connection between 
the client machine and the access controlling web server if the response is that the access 
controlling web server recognizes the URL of the GET URL packet. 

6. (Currently amended) The method according to claim 5, wh e r e in the step of establishing a 
connection between the client machine and the destination server comprises: resending the 
handshaking packets and GET URL packet to the destination server transparently with respect to 
the client machine. 

7. (Currently amended) The method according to claim 6, further comprising tho step of 
embedding an identity token readable by the access controlling web server in the GET URL 
packet, wh e r e in the identity token uniquely identifies the client machine. 

8. (Currently amended) The method according to claim 6, further comprising th e st e p of 
determining whether to redirect network communications based on the content of a handshaking 
packet. 
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9. (Currently amended) The method according to claim 8, wh e r e in th e st e p of determining 
whether to redirect network communications comprises deciding to redirect network 
communications if the handshaking packet is a SYN packet directed to port 80 on the destination 
server. 

10. (Currently amended) The method according to claim 3, wh e r e in the response indicates 
that access to the desired resource is allowable if the access controlling web server recognizes 
the URL of the GET URL packet. 

IL (Currently amended) The method according to claim 10, further comprising the step of 
refusing a connection to the destination server[[,]] and establishing instead a connection between 
the client machine and the access controlling web server if the response indicates that the access 
controlling web server does not recognize the URL of the GET URL packet. 

12. (Currently amended) The method according to claim 11, wh e r e in the access controlling 
web server is an RSACi Web Server. 

13. (Currently amended) The method according to claim 11, wh e r e in th e st e p of establishing 
a connection between the client machine and the destination server comprises: resending the 
handshaking packets and GET URL packet to the destination server transparently with respect to 
the client machine. 

14. (Currently amended) The method according to claim 13, further comprising th e step of 
embedding an identity token readable by the access controlling web server in the GET URL 
packet, wh e r e in the identity token uniquely identifies the client machine. 

15. (Currently amended) The method according to claim 13, further comprising th e st e p of 
determining whether to redirect network communications based on the content of a handshaking 
packet. 
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16. (Currently amended) The method according to claim 15, wh e r e in th e st e p of determining 
whether to redirect network communications comprises deciding to redirect network 
communications if the handshaking packet is a SYN packet directed to port 80 on the destination 
server. 

17. (Currently amended) A computer-readable medium having computer-executable 
instructions for controlling access at a gateway computer of a client to a desired resource hosted 
on a destination server comprising th e st e ps of : 

(a) receiving handshaking packets at the gateway computer from the client machine 
having as a destination address an address corresponding to the destination server; 

(b) redirecting network communications at the gateway computer, including th e st e ps of : 

redirecting the handshaking packets in their entirety by rewriting the destination 
address in the handshaking packets' IP headers to route the packets to an access 
controlling web server that is remote from the gateway computer; 

receiving a content request packet from the client machine destined for the 
destination server intended to retrieve the desired resource from the destination server; 
and 

redirecting the entirety of the content request packet by rewriting the destination 
address in the packet IP header to route the packet to the access controlling web server; 
(e) receiving a response at the gateway computer from the access controlling web server; 

and 

(d) at the gateway computer controlling access of the client machine to the desired 
resource based on the response from the access controlling web server by granting access if the 
response indicates that the client may access the desired resource and denying access if the 
response indicates that the client may not access the desired resource. 

18. (Currently amended) The computer-readable medium of claim 17, wh e r e in th e st e p of 
controlling access to the desired resource based on the response from the access controlling web 
server further comprises th e st e p of: 

establishing a connection between the client machine and the destination server if the 
response indicates that access to the desired resource is allowable. 
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19. (Currently amended) The computer-readable medium of claim 18, wher e in the content 
request packet comprises a GET URL packet. 

20. (Currently amended) The computer-readable medium of claim 19, wh e r e in the response 
indicates that access to the desired resource is allowable if the access controlling web server does 
not recognize the URL of the GET URL packet. 

21 . (Currently amended) The computer-readable medium of claim 20, further comprising the 
step of refusing a connection to the destination server[[,]] and establishing instead a connection 
between the client machine and the access controlling web server if the response is that the 
access controlling web server recognizes the URL of the GET URL packet. 

22. (Currently amended) The computer-readable medium of claim 19, wh e r e in th e st e p of 
establishing a connection between the client machine and the destination server comprises: 
resending the handshaking packets and GET URL packet to the destination server transparently 
with respect to the client machine. 

23. (Currently amended) The computer-readable medium of claim 22, further comprising the 
step-ef embedding an identity token readable by the access controlling web server in the GET 
URL packet, wh e r e in the identity token uniquely identifies the client machine. 

24. (Currently amended) The computer-readable mediimi of claim 22, further comprising the 
st e p of determining whether to redirect network communications based on the content of a 
handshaking packet. 

25. (Currently amended) The computer-readable medium of claim 24, wh e r e in th e st e p of 
determining whether to redirect network communications comprises deciding to redirect network 
communications if the handshaking packet is a SYN packet directed to port 80 on the destination 
server. 
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26. (Currently amended) The computer-readable medium of claim 19, wh e r e in the response 
indicates that access to the desired resource is allowable if the access controlling web server 
recognizes the URL of the GET URL packet. 

27. (Currently amended) The computer-readable medium of claim 26, further comprising the 
step^ refusing a coimection to the destination server, and establishing instead a connection 
between the client machine and the access controlling web server if the response indicates that 
the access controlUng web server does not recognize the URL of the GET URL packet. 

28. (Currently amended) The computer-readable medium of claim 27, wh e r e in the access 
controlling web server is an RSACi Web Server. 

29. (Currently amended) The computer-readable medium of claim 27, wher e in the step of 
establishing a connection between the client machine and the destination server comprises: 
resending the handshaking packets and GET URL packet to the destination server transparently 
with respect to the client machine. 

30. (Currently amended) The computer-readable medium of claim 29, further comprising the 
st e p of embedding an identity token readable by the access controlling web server in the GET 
URL packet, wh e r e in the identity token uniquely identifies the client machine. 

3 1 . (Currently amended) The computer-readable medium of claim 29, further comprising the 
step-ef determining whether to redirect network communications based on the content of a 
handshaking packet. 

32. (Currently amended) The computer-readable medium of claim 3 1 , wh e rein the st e p of 
determining whether to redirect network communications comprises deciding to redirect network 
communications if the handshaking packet is a SYN packet directed to port 80 on the destination 
server. 
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33. (Currently amended) In a computer network environment comprising a client, a hosting 
server, an access controlling server, and a gateway interposed between the client and both of the 
hosting server and the access controlling server, a method of controlHng access of the cHent to a 
desired resource hosted on the hosting server, comprising th e st e ps of : 

(a) receiving at the gateway a request packet from the client for the desired resource and 
redirecting the entire request packet to the access controlling server; 

(b) receiving at the gateway a permission notification from the access controlling server 
in response to the redirected request packet; and 

(e) choosing to either grant or deny access of the client machine to the desired resource 
based on at least one criterion including the content of the permission notification received from 
the access controlling server. 
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